Академический Документы
Профессиональный Документы
Культура Документы
P R E S E N T A T I O N
T13
Thursday, November 1, 2001 1:30 PM
International Conference On Software Testing Analysis & Review October 29-November 2, 2001 San Jose, CA USA
An Introduction
Peapod, Inc. An online grocer serving several major metropolitan areas. Peapod has been in business since 1989. Karen Johnson, QA Manager of E-Commerce 16 years in IT: 9 years of QA experience, 7 years tech writing Experience with functional, regression, automation, load and performance testing.
Browsers
Know what browsers your users have Stay current on browser releases Be conscience of what parts of your site are affected by the browser and browser version Tips on what to test with different browsers can be found in my article Mining the Gold from Your Web Server logs STQE January issue. The article can be found on the sticky minds site.
Verify the item is added to the cart Where in the store was the item added to the cart? For example is there a specials page, discount rack, banner ad, etc. Is the buying functionality the same throughout the store? For example if the customer buys from the banner ad versus from a regular item page - is the buying functionality the same.
Verify item quantity is increased/decreased Are there quantity restrictions? For example, your site may restrict the quantity that may be purchased. Are there restricted products? For example, some products may not be shippable in all states. Products such as alcohol have many restrictions.
10
Netscape
The cookie is stored in one large file with all the Netscape cookies. C:/program files/netscape/username/cookies Delete the file.
11
Customers
What information is maintained about each customer? Is your site customized? What information is stored encrypted? What are the rules for sending emails?
12
Registration
Unique user id Verify each user has a unique account. Address information Does your site restrict service or delivery based on which state or address the order is being shipped to? Does your site validate the street address during registration? Passwords Are they stored encrypted? Are they encrypted in your user logs?
13
Registration
The overall process How does the process work? Does registration handle user that use the back and forward buttons in the browser? SSL Is the registration process secure? Can the user break out of registration do the pages rotate from secure to insecure as needed? Field validation Are required fields working as expected? Is there javascript for field validation?
14
SSL: What it is
According to OReillys book Web Security & Commerce: SSL is a layer that exists between the raw TCP/IP protocol and the application layer. While the standard TCP/IP protocol simply sends an anonymous error-free stream of information between two computers (or between two processes running on the same computer), SSL adds numerous features to that stream, including: Authentication and non-repudiation of the server, using digital signatures Authentication and non-repudiation of the client, using digital signatures Data confidentiality through the use of encryption Data integrity through the use of message authentication codes
* permission granted by OReilly
15
verify pages that should be secure are secure verify secure pages cannot be bookmarked verify secure pages work correctly on each server verify secure pages work on at least one version of IE and Netscape
16
check the credit card types allowed check the expiration dates of the card whether adding or updating the card info check the credit card billing address whether the address is updated or the card is updated
17
Length 16 13 or 16 15 16
18
Session
19
Servers
20
Regression Testing
Create a base set of user scenarios that must be tested each release. Identify for each release the areas of greatest risk and code that could be affected. Balance risk vs likelihood and plan testing accordingly.
21
More Information
SSL http://home.netscape.com/eng/mozilla/2.0/handbook/doc/appans /html#C35 http://www.faqs.org/faqs/computer-security/ssl-talk-faq Credit Cards Web Commerce Cookbook By Gordon McComb Wiley Press Cookies http://www.netscape.com/newsref/std/cookie_spec.html Javascript: The Definitive Guide OReilly press
Karen Johnson/StarWest 2001 22
More Information
Web Testing Testing Applications on the Web by Hung Nguyen Wiley press The Web Testing Handbook by Stefan P. Jaskiel/Steven Splaine seminars by Dale Perry - check SQE for details
23
Karen Johnson Karen Johnson is the E-Commerce Quality Assurance Manager at Peapod, Inc. Peapod is an online grocer serving several cities throughout the U.S. Peapods website can be found at http://www.peapod.com Karen has more than 16 years experience in computer software; for the past nine years she has been involved in quality assurance. In Karens current position she is responsible for functional, regression, cross browser, load, and performance testing of the companys website. In previous positions, she has been responsible for client-server testing including installation, multiple-user testing, data replication to palm pilots, functional and performance testing. She has worked closely with Oracle, Sybase, SQLServer, Informix, and SQLAnywhere databases. Karen also has seven years experience as a technical writer documenting manufacturing and financial applications. Karen lives in a suburb of Chicago and can be reached at kjohns@peapod.com